4 ways that HR teams can use Identity and Access Management (IAM) for secure remote working
As businesses start to take tentative steps out of the COVID-19 pandemic, we are still understanding what our 'new normal' is. In the backdrop of an ongoing pandemic, we’re taking a heightened risk-based approach to living our lives and working.
Businesses and departments that were unable to work remotely shutting down during the lockdown led to a negative impact on businesses, industries, and the economy as a whole -- you only have to look at the retail and hospitality sectors to see this. A paradigm shift has occurred, particularly with technology and its use in a post-pandemic world.
Technology is no longer viewed as solely for the purposes of the IT team, or certain departments or roles. From ordering essentials online, making secure payments online, and converting our homes into virtual offices, these recent experiences have one strong message for all of us -- IT is no longer niche but a necessity, embraced by the whole nation.
This means that if you are not a technical person, you are still expected to understand the basics. The good news is that organizations who purely focused on clients in particular roles and departments are now looking at a much wider opportunity where their products could be made in a way that is slightly less technical or sophisticated, more user friendly, and serves a variety of business units as opposed to just IT.
Human resources is a great example. During the pandemic, one-to-one communication opportunities for hiring, conflict resolutions, resignation processes, and plenty of other HR-based activities couldn't function as they normally do; workarounds were needed. We had to interview via Zoom, we were required to handle conflict resolutions remotely and virtually and so much more. This was also harder for the HR team who were having to reinvent their processes to fit a virtual world, with some being less tech savvy than other departments or teams.
There are a few areas where an identity and access management solution (IAM) can help those less technical individuals who are perhaps not quite so used to remote working get through the learning curve of using technology -- particularly if they are working from home. Here are four top tips that I picked up which helped me:
Signing into your systems once
For example, with a lot of the questions I have, I can get answers via different applications launched in an internal cloud. This has resources that I need for our day to day HR activities as well as inquiries relating to payroll, partners, and customers. However, signing into each and every one of these applications is time-consuming and can get frustrating. This is where IAM comes into the picture. The single sign on (SSO) feature in IAM allows me to access all the applications within a given session, using a single secure authentication. When I sign in to one application, it authenticates me to proceed to all my other applications without having to sign into them again.
Moreover, I can safely log out of all my applications using the single logout feature. This way, I am not worried about having to log out of everything properly. Additionally, we utilize IAM to access conference apps like Zoom using the organization-level user credentials so that employees need not create separate accounts every time they want to use Zoom.
If proof is not satisfactory, use another factor
Since many of us are working from home, the chances of intruders and imposters trying to act as if they are part of the business can put the organization at risk. This is where multi factor authentication (MFA) comes into play. In addition to basic authentication, you can include something that the user knows (like a password), something that the user has (like an RSA token), or something that the user is (any biometric references like retina scans or fingerprints). But while adding this additional element brings more security, it can be super annoying for an average user -- like me. This is why there is adaptive authentication. You can choose the MFA factors depending on how prominent the resources that a certain user handles are, the user’s geographical location (if the user is stuck somewhere other than their home or business due to the situation), the user’s access privileges, or in other words, what the user can do with the accessed data, the user’s IP address and many more factors. This proves to be secure while still being user friendly.
It can be a real struggle if we forget passwords in these circumstances. Imagine the plight of the IT team if a number of people forget their passwords on a daily basis. Also, writing these passwords down is not particularly smart when you can’t remember them by heart. Having weak passwords, or having the same passwords for multiple applications for convenience, can all lead to a hacker’s paradise. Passwordless authentication protocols like FIDO2 depend on security key mechanisms instead of passwords. This is both user friendly and secure.
Onboard, promote, transfer
Onboarding, promoting, or transferring an employee requires IT to give them access to certain applications and rights; and modify them whenever required. This is not a hassle with identity and access management since the users and roles exist in the system and creating new employees, promoting employees to another role, and transferring the department of an employee can all be done easily. These functions can also be enhanced using the workflow feature in IAM.
These are just a few simple ways that an IAM solution can manage secure access to your applications. Technology and remote working is not a short-term fix for the pandemic. This is going to be the way of life going forward since organizations now have a greater understanding of its benefits and how feasible it is for many non-IT departments and functions.
Gomathy Kumarakuruparan is a Technical Writer at WSO2